We are seeking a highly skilled and knowledgeable Compliance Specialist to ensure that our company adheres to multiple compliance standards across different industries. The ideal candidate will be responsible for monitoring regulatory developments, ensuring compliance with various frameworks, and implementing necessary changes to maintain full legal and regulatory compliance.
Key Responsibilities:
Compliance Management: Ensure adherence to multiple compliance standards, including but not limited to ISO 27001, SOC 2, SOX, GDPR, HIPAA, PCI-DSS, and other relevant frameworks.
Customer Security Questionnaires: Collaborate with cross-functional teams to complete security questionnaires requested by customers. Provide accurate and detailed responses to demonstrate the Company's commitment to security.
Vulnerability Management: Oversee vulnerability scanning activities, including penetration tests and regular vulnerability scans, to identify weaknesses in Company's systems and infrastructure.
Remediation Management: Work closely with IT, Dev and security teams to ensure timely remediation of identified vulnerabilities, tracking progress, and verifying that vulnerabilities are resolved satisfactorily.
Security Awareness: Promote a culture of security awareness across the organization, educating team members on security policies and best practices.
Auditing & Reporting: Conduct regular internal audits, prepare for external audits, and ensure timely submission of compliance reports to governing bodies.
Policy Development: Develop, implement, and maintain company-wide policies and procedures that align with various compliance standards.
Risk Management: Identify potential risks related to compliance breaches and recommend corrective actions.
Training & Awareness: Educate and train employees on compliance standards, company policies, and industry best practices.
Stakeholder Collaboration: Work closely with internal teams, including IT, Legal, and Operations, to ensure all departments comply with applicable regulations.
Continuous Improvement: Stay up-to-date with changing regulations and industry trends to recommend updates to current processes and compliance frameworks.
Incident Response: Assist in developing incident response plans and ensure effective handling of any compliance violations or data breaches.
Requirements
Bachelor’s degree in Law, Information Security, Business Administration, or a related field.
Over 5 years of experience in compliance, risk management, or a related field.
Certifications: Relevant certifications such as CISA, CISSP, CISM, or ISO/IEC Lead Auditor are highly preferred.
In-depth knowledge of compliance frameworks such as ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, NIST, or others.
Experience conducting audits and implementing compliance controls.
Strong analytical and problem-solving skills, with the ability to handle multiple compliance regulations simultaneously.
Excellent communication skills with the ability to explain complex compliance concepts to non-technical stakeholders.
Strong organizational skills and attention to detail
